Abstract

The theft of Radio Frequency Identification (RFID) tag identity, commonly referred to as tag cloning, is a serious threat to RFID systems. It can enable an attacker to gain access to a secure facility, make fraudulent purchases, or disrupt supply chains. It may even enable crimes like financial gain, people smuggling, and drug trafficking, terrorism and money laundering. Presently there is no practical solution to defend against tag cloning. This thesis details research that aims to detect the presence of clone tags which may be the first step in defending against them and preventing RFID-enabled crimes from occurring. An intrusion detection system has been developed using statistical anomaly detection to identify clone tags. The feasibility of the approach has been tested by evaluating its performance in detecting synthesized attacks inside a sanitized RFID audit log. The results suggest that intrusion detection systems can be used to detect cloned tags but that the weaknesses of statistical anomaly detection are also apparent when used on RFID data.